airship/airshipctl
Code Issues Proposed changes
ad8c87611b
airshipctl/roles/reverse-proxy/templates/etc/apache2/conf-available/ssl-params.conf.j2
Vamsi Savaram 5bf96b27d6 Add a HTTPS-->HTTP reverse proxy in front of redfish-emulator 
This patch introduces a reverse proxy that terminates an HTTPS
connection and forwards it to the redfish emulator behind that
is running HTTP. Also the reverse proxy presents a self-signed
certificate.

Closes: #136
Relates-To: #136

Change-Id: If6ee705247ae8866d2674bff1ff034277f9c9177
2020-04-02 10:21:37 -05:00

18 lines
777 B
Django/Jinja
Raw Blame History

SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH
SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
SSLHonorCipherOrder On
# Disable preloading HSTS for now. You can use the commented out header line that includes
# the "preload" directive if you understand the implications.
#Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains; preload"
Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains"
Header always set X-Frame-Options DENY
Header always set X-Content-Type-Options nosniff
# Requires Apache >= 2.4
SSLCompression off
SSLSessionTickets Off
SSLUseStapling on
SSLStaplingCache "shmcb:logs/stapling-cache(150000)"
#SSLOpenSSLConfCmd DHParameters "/etc/ssl/certs/{{ reverse_proxy_hostname }}-dhparam.pem"
View Git Blame Copy Permalink